mirror of
https://github.com/servo/servo.git
synced 2025-08-10 07:55:33 +01:00
Update FetchTaskTarget to propagate CSP violations. (#36409)
It also updates the FetchResponseListener to process CSP violations to ensure that iframe elements (amongst others) properly generate the CSP events. These iframe elements are used in the Trusted Types tests themselves and weren't propagating the violations before. However, the tests themselves are still not passing since they also use Websockets, which currently aren't using the fetch machinery itself. That is fixed as part of [1]. [1]: https://github.com/servo/servo/issues/35028 --------- Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com> Signed-off-by: Josh Matthews <josh@joshmatthews.net> Co-authored-by: Josh Matthews <josh@joshmatthews.net>
This commit is contained in:
Tim van der Lippe
GitHub
parent
5d84acc06e
commit
85e4a2b5c7
146 changed files with 511 additions and 612 deletions
|
|
@ -14,3 +14,6 @@
|
|||
|
||||
[Opening a blob URL in a new window by clicking an <a> tag works immediately before revoking the URL.]
|
||||
expected: TIMEOUT
|
||||
|
||||
[Fetching a blob URL immediately before revoking it works in <script> tags.]
|
||||
expected: TIMEOUT
|
||||
|
|
|
|||
|
|
@ -12,3 +12,6 @@
|
|||
|
||||
[Revoke blob URL after creating Request, then clone Request, will fetch]
|
||||
expected: FAIL
|
||||
|
||||
[Revoke blob URL after calling fetch, fetch should succeed]
|
||||
expected: FAIL
|
||||
|
|
|
|||
4
tests/wpt/meta/MANIFEST.json
vendored
4
tests/wpt/meta/MANIFEST.json
vendored
|
|
@ -564105,14 +564105,14 @@
|
|||
]
|
||||
],
|
||||
"connect-src-websocket-allowed.sub.html": [
|
||||
"4263d97fe2dfbb9e2a0f0851c07798d40a5671a9",
|
||||
"1d83bdd18e379f9780cbf7a64e05433ad92dde8b",
|
||||
[
|
||||
null,
|
||||
{}
|
||||
]
|
||||
],
|
||||
"connect-src-websocket-blocked.sub.html": [
|
||||
"02c52837bb8bd5cbc26f54f899fe25b5d68bd561",
|
||||
"2cc3f1b5a054dd89c675d7564be8f52ef6d1daa7",
|
||||
[
|
||||
null,
|
||||
{}
|
||||
|
|
|
|||
|
|
@ -1,10 +1,6 @@
|
|||
[report-uri-does-not-respect-base-uri.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Test that image does not load]
|
||||
expected: NOTRUN
|
||||
|
||||
[Event is fired]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
||||
[Violation report status OK.]
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,7 +1,4 @@
|
|||
[child-src-worker-blocked.sub.html]
|
||||
expected: ERROR
|
||||
expected: TIMEOUT
|
||||
[Should throw a securitypolicyviolation event]
|
||||
expected: TIMEOUT
|
||||
|
||||
[Should block worker because it does not match any directive including the deprecated 'child-src']
|
||||
expected: TIMEOUT
|
||||
|
|
|
|||
|
|
@ -1,3 +0,0 @@
|
|||
[connect-src-syncxmlhttprequest-blocked.sub.html]
|
||||
[Expecting logs: ["Pass","violated-directive=connect-src"\]]
|
||||
expected: FAIL
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
[connect-src-websocket-blocked.sub.html]
|
||||
[Expecting logs: ["blocked","violated-directive=connect-src"\]]
|
||||
expected: FAIL
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
[connect-src-xmlhttprequest-blocked.sub.html]
|
||||
[Expecting logs: ["Pass","violated-directive=connect-src"\]]
|
||||
expected: FAIL
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
[frame-ancestors-path-ignored.window.html]
|
||||
[A 'frame-ancestors' CSP directive with a URL that includes a path should be ignored.]
|
||||
expected: FAIL
|
||||
|
|
@ -1,12 +1,6 @@
|
|||
[worker-classic.http.html]
|
||||
[Content Security Policy: Expects blocked for worker-classic to same-http origin and keep-origin redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-classic to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-classic to same-http origin and no-redirect redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-classic to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,12 +1,6 @@
|
|||
[worker-classic.https.html]
|
||||
[Content Security Policy: Expects blocked for worker-classic to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-classic to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-classic to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-classic to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,12 +1,6 @@
|
|||
[worker-module.http.html]
|
||||
[Content Security Policy: Expects blocked for worker-module to same-http origin and keep-origin redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-module to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-module to same-http origin and no-redirect redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-module to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,12 +1,6 @@
|
|||
[worker-module.https.html]
|
||||
[Content Security Policy: Expects blocked for worker-module to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-module to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-module to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-module to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,12 +1,6 @@
|
|||
[worker-classic.http.html]
|
||||
[Content Security Policy: Expects blocked for worker-classic to same-http origin and keep-origin redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-classic to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-classic to same-http origin and no-redirect redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-classic to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,12 +1,6 @@
|
|||
[worker-classic.https.html]
|
||||
[Content Security Policy: Expects blocked for worker-classic to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-classic to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-classic to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-classic to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,12 +1,6 @@
|
|||
[worker-module.http.html]
|
||||
[Content Security Policy: Expects blocked for worker-module to same-http origin and keep-origin redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-module to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-module to same-http origin and no-redirect redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-module to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,12 +1,6 @@
|
|||
[worker-module.https.html]
|
||||
[Content Security Policy: Expects blocked for worker-module to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-module to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-module to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-module to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,7 +1,3 @@
|
|||
[directive-name-case-insensitive.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Test that the www2 image is not allowed to load]
|
||||
expected: FAIL
|
||||
|
||||
[Test that the www2 image throws a violation event]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,7 +1,3 @@
|
|||
[generic-0_1-img-src.html]
|
||||
expected: TIMEOUT
|
||||
[Verify cascading of default-src to img-src policy]
|
||||
expected: FAIL
|
||||
|
||||
[Should fire violation events for every failed violation]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
[generic-0_1-script-src.html]
|
||||
expected: TIMEOUT
|
||||
[Should fire violation events for every failed violation]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
[generic-0_10_1.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Should fire violation events for every failed violation]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
[generic-0_2_2.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Should fire violation events for every failed violation]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
[generic-0_2_3.html]
|
||||
expected: TIMEOUT
|
||||
[Should fire violation events for every failed violation]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
2
tests/wpt/meta/content-security-policy/generic/wildcard-host-part.sub.window.js.ini
vendored
Normal file
2
tests/wpt/meta/content-security-policy/generic/wildcard-host-part.sub.window.js.ini
vendored
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
[wildcard-host-part.sub.window.html]
|
||||
expected: CRASH
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
[img-src-full-host-wildcard-blocked.sub.html]
|
||||
[img src does not match full host and wildcard csp directive]
|
||||
expected: FAIL
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
[img-src-none-blocks-data-uri.html]
|
||||
[img-src with 'none' source should not match]
|
||||
expected: FAIL
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
[img-src-none-blocks.html]
|
||||
[img-src with 'none' source should not match]
|
||||
expected: FAIL
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
[report-blocked-data-uri.sub.html]
|
||||
[Expecting logs: ["violated-directive=img-src"\]]
|
||||
expected: FAIL
|
||||
|
|
@ -1,7 +0,0 @@
|
|||
[inherited-csp-list-modifications-are-local.html]
|
||||
expected: TIMEOUT
|
||||
[Test that embedded iframe document image does not load]
|
||||
expected: FAIL
|
||||
|
||||
[Test that spv event is fired]
|
||||
expected: NOTRUN
|
||||
|
|
@ -1,7 +1,3 @@
|
|||
[media-src-7_1_2.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Disallowed async video src]
|
||||
expected: FAIL
|
||||
|
||||
[Test that securitypolicyviolation events are fired]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,10 +1,7 @@
|
|||
[media-src-7_2_2.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Disallaowed audio src]
|
||||
expected: FAIL
|
||||
|
||||
[Disallowed audio source element]
|
||||
expected: FAIL
|
||||
expected: NOTRUN
|
||||
|
||||
[Test that securitypolicyviolation events are fired]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,12 +1,13 @@
|
|||
[media-src-blocked.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Disallowed async video src]
|
||||
expected: FAIL
|
||||
|
||||
[Disallowed async video source element]
|
||||
expected: FAIL
|
||||
expected: TIMEOUT
|
||||
|
||||
[Disallowed audio src]
|
||||
expected: FAIL
|
||||
expected: NOTRUN
|
||||
|
||||
[Disallowed audio source element]
|
||||
expected: FAIL
|
||||
expected: NOTRUN
|
||||
|
|
|
|||
|
|
@ -1,3 +0,0 @@
|
|||
[meta-img-src.html]
|
||||
[Expecting logs: ["PASS","TEST COMPLETE"\]]
|
||||
expected: FAIL
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
[meta-modified.html]
|
||||
[Expecting logs: ["PASS", "PASS","TEST COMPLETE"\]]
|
||||
expected: FAIL
|
||||
|
|
@ -1,3 +1,4 @@
|
|||
[invalid-directive.html]
|
||||
expected: TIMEOUT
|
||||
[Even if an unknown directive is specified, img-src is honored.]
|
||||
expected: FAIL
|
||||
expected: TIMEOUT
|
||||
|
|
|
|||
|
|
@ -1,10 +1,6 @@
|
|||
[report-to-directive-allowed-in-meta.https.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Test that image does not load]
|
||||
expected: NOTRUN
|
||||
|
||||
[Event is fired]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
||||
[Report is observable to ReportingObserver]
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,7 +1,3 @@
|
|||
[reporting-api-report-to-only-sends-reports-to-first-endpoint.https.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Test that image does not load]
|
||||
expected: NOTRUN
|
||||
|
||||
[Event is fired]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,7 +1,3 @@
|
|||
[reporting-api-report-to-overrides-report-uri-1.https.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Test that image does not load]
|
||||
expected: NOTRUN
|
||||
|
||||
[Event is fired]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,7 +1,3 @@
|
|||
[reporting-api-report-to-overrides-report-uri-2.https.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Test that image does not load]
|
||||
expected: NOTRUN
|
||||
|
||||
[Event is fired]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,10 +1,6 @@
|
|||
[reporting-api-sends-reports-on-violation.https.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Test that image does not load]
|
||||
expected: NOTRUN
|
||||
|
||||
[Event is fired]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
||||
[Report is observable to ReportingObserver]
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,6 +1,3 @@
|
|||
[report-and-enforce.html]
|
||||
[The image should be blocked]
|
||||
expected: FAIL
|
||||
|
||||
[Violation report status OK.]
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,7 +1,4 @@
|
|||
[report-same-origin-with-cookies.html]
|
||||
[Image should not load]
|
||||
expected: FAIL
|
||||
|
||||
[Violation report status OK.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
[strict-dynamic-elem-blocked-src-allowed.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Should fire a security policy violation event]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
[script-src-1_10.html]
|
||||
expected: TIMEOUT
|
||||
[Test that securitypolicyviolation event is fired]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
[script-src-report-only-policy-works-with-external-hash-policy.html]
|
||||
expected: TIMEOUT
|
||||
[Should fire securitypolicyviolation event]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[External script in a script tag with matching SRI hash should run.]
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
[securitypolicyviolation-block-cross-origin-image-from-script.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Non-redirected cross-origin URLs are not stripped.]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
[securitypolicyviolation-block-cross-origin-image.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Non-redirected cross-origin URLs are not stripped.]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
[securitypolicyviolation-block-image-from-script.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Non-redirected cross-origin URLs are not stripped.]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
[securitypolicyviolation-block-image.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Non-redirected same-origin URLs are not stripped.]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,4 +1,6 @@
|
|||
[style-blocked.html]
|
||||
expected: TIMEOUT
|
||||
[Violated directive is script-src-elem.]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
||||
[document.styleSheets should contain an item for the blocked CSS.]
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,7 +1,4 @@
|
|||
[style-src-error-event-fires.html]
|
||||
expected: TIMEOUT
|
||||
[Test error event fires on stylesheet link]
|
||||
expected: NOTRUN
|
||||
|
||||
[Test error event fires on inline style]
|
||||
expected: NOTRUN
|
||||
|
|
|
|||
|
|
@ -1,7 +1,4 @@
|
|||
[style-src-injected-stylesheet-blocked.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Programatically injected stylesheet should not load]
|
||||
expected: FAIL
|
||||
|
||||
[Should fire a securitypolicyviolation event]
|
||||
expected: NOTRUN
|
||||
|
|
|
|||
|
|
@ -1,7 +1,4 @@
|
|||
[style-src-none-blocked.html]
|
||||
expected: TIMEOUT
|
||||
[Should not stylesheet when style-src is 'none']
|
||||
expected: FAIL
|
||||
|
||||
[Should fire a securitypolicyviolation event]
|
||||
expected: NOTRUN
|
||||
|
|
|
|||
3
tests/wpt/meta/content-security-policy/style-src/style-src-stylesheet-nonce-allowed.html.ini
vendored
Normal file
3
tests/wpt/meta/content-security-policy/style-src/style-src-stylesheet-nonce-allowed.html.ini
vendored
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
[style-src-stylesheet-nonce-allowed.html]
|
||||
[Stylesheet link should load with correct nonce]
|
||||
expected: FAIL
|
||||
|
|
@ -1,7 +1,4 @@
|
|||
[style-src-stylesheet-nonce-blocked.html]
|
||||
expected: TIMEOUT
|
||||
[Should not load stylesheet without correct nonce]
|
||||
expected: FAIL
|
||||
|
||||
[Should fire a securitypolicyviolation event]
|
||||
expected: NOTRUN
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
[dedicated-none.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Same-origin dedicated worker blocked by host-source expression.]
|
||||
expected: FAIL
|
||||
expected: TIMEOUT
|
||||
|
||||
[blob: dedicated worker blocked by 'blob:'.]
|
||||
expected: FAIL
|
||||
expected: TIMEOUT
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
[dedicated-worker-src-child-fallback-blocked.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Same-origin dedicated worker allowed by worker-src 'self'.]
|
||||
expected: FAIL
|
||||
expected: TIMEOUT
|
||||
|
|
|
|||
2
tests/wpt/meta/css/css-tables/table-cell-overflow-auto-scrolled.html.ini
vendored
Normal file
2
tests/wpt/meta/css/css-tables/table-cell-overflow-auto-scrolled.html.ini
vendored
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
[table-cell-overflow-auto-scrolled.html]
|
||||
expected: FAIL
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
[009.html]
|
||||
[Link with onclick form submit to javascript url with document.write and href navigation ]
|
||||
expected: FAIL
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
[navigation-unload-same-origin.window.html]
|
||||
[Same-origin navigation started from unload handler must be ignored]
|
||||
expected: FAIL
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
[same-document-refresh.html]
|
||||
[Same-Document Referrer from Refresh]
|
||||
expected: FAIL
|
||||
3
tests/wpt/meta/html/browsers/history/the-history-interface/traverse_the_history_5.html.ini
vendored
Normal file
3
tests/wpt/meta/html/browsers/history/the-history-interface/traverse_the_history_5.html.ini
vendored
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
[traverse_the_history_5.html]
|
||||
[Multiple history traversals, last would be aborted]
|
||||
expected: FAIL
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
[2d.canvas.host.size.large.worker.html]
|
||||
expected: CRASH
|
||||
|
|
@ -1,15 +1,19 @@
|
|||
[supported-elements.html]
|
||||
expected: TIMEOUT
|
||||
[Contenteditable element should support autofocus]
|
||||
expected: FAIL
|
||||
|
||||
[Host element with delegatesFocus including no focusable descendants should be skipped]
|
||||
expected: FAIL
|
||||
expected: NOTRUN
|
||||
|
||||
[Element with tabindex should support autofocus]
|
||||
expected: FAIL
|
||||
|
||||
[Area element should support autofocus]
|
||||
expected: FAIL
|
||||
expected: NOTRUN
|
||||
|
||||
[Host element with delegatesFocus should support autofocus]
|
||||
expected: FAIL
|
||||
expected: NOTRUN
|
||||
|
||||
[Non-HTMLElement should not support autofocus]
|
||||
expected: TIMEOUT
|
||||
|
|
|
|||
2
tests/wpt/meta/html/rendering/replaced-elements/images/blocked-by-csp.html.ini
vendored
Normal file
2
tests/wpt/meta/html/rendering/replaced-elements/images/blocked-by-csp.html.ini
vendored
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
[blocked-by-csp.html]
|
||||
expected: FAIL
|
||||
|
|
@ -1,4 +1,3 @@
|
|||
[iframe_sandbox_popups_escaping-1.html]
|
||||
expected: TIMEOUT
|
||||
[Check that popups from a sandboxed iframe escape the sandbox if\n allow-popups-to-escape-sandbox is used]
|
||||
expected: TIMEOUT
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
[iframe_sandbox_popups_escaping-2.html]
|
||||
expected: TIMEOUT
|
||||
[Check that popups from a sandboxed iframe escape the sandbox if\n allow-popups-to-escape-sandbox is used]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
[iframe_sandbox_popups_escaping-3.html]
|
||||
expected: CRASH
|
||||
expected: TIMEOUT
|
||||
[Check that popups from a sandboxed iframe escape the sandbox if\n allow-popups-to-escape-sandbox is used]
|
||||
expected: FAIL
|
||||
expected: TIMEOUT
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
[iframe_sandbox_popups_nonescaping-3.html]
|
||||
expected: TIMEOUT
|
||||
[Check that popups from a sandboxed iframe do not escape the sandbox]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,3 +0,0 @@
|
|||
[meta-csp-img-src-none.tentative.sub.html]
|
||||
[Speculative parsing, document.write(): meta-csp-img-src-none]
|
||||
expected: FAIL
|
||||
|
|
@ -1,7 +1,6 @@
|
|||
[TrustedTypePolicyFactory-createPolicy-cspTests-none.html]
|
||||
expected: TIMEOUT
|
||||
[Cannot create policy with name 'SomeName' - policy creation throws]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
||||
[Cannot create policy with name 'default' - policy creation throws]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
[TrustedTypePolicyFactory-createPolicy-cspTests.html]
|
||||
expected: TIMEOUT
|
||||
[Non-allowed name policy creation throws.]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
||||
[Duplicate name policy creation throws.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
[block-text-node-insertion-into-script-element.html]
|
||||
expected: TIMEOUT
|
||||
expected: ERROR
|
||||
[Regression test: Bypass via insertAdjacentText, initial comment.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -7,16 +7,13 @@
|
|||
expected: FAIL
|
||||
|
||||
[Spot tests around script + innerHTML interaction.]
|
||||
expected: TIMEOUT
|
||||
|
||||
[Prep for subsequent tests: Create default policy.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Test that default policy applies.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Test a failing default policy.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Spot tests around script + innerHTML interaction with default policy.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,16 +1,12 @@
|
|||
[block-text-node-insertion-into-svg-script-element.html]
|
||||
expected: TIMEOUT
|
||||
[Spot tests around script + innerHTML interaction.]
|
||||
expected: TIMEOUT
|
||||
|
||||
[Prep for subsequent tests: Create default policy.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Test that default policy applies. svg:script]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Test a failing default policy. svg:script]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Spot tests around script + innerHTML interaction with default policy.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,13 +1,9 @@
|
|||
[require-trusted-types-for-report-only.html]
|
||||
expected: TIMEOUT
|
||||
[Require trusted types for 'script' block create HTML.]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
||||
[Require trusted types for 'script' block create script.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Require trusted types for 'script' block create script URL.]
|
||||
expected: NOTRUN
|
||||
|
||||
[Set require trusted types for 'script' without CSP for trusted types don't block policy creation and using.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,13 +1,9 @@
|
|||
[require-trusted-types-for.html]
|
||||
expected: TIMEOUT
|
||||
[Require trusted types for 'script' block create HTML.]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
||||
[Require trusted types for 'script' block create script.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Require trusted types for 'script' block create script URL.]
|
||||
expected: NOTRUN
|
||||
|
||||
[Set require trusted types for 'script' without CSP for trusted types don't block policy creation and using.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,22 +1,22 @@
|
|||
[should-sink-type-mismatch-violation-be-blocked-by-csp-001.html]
|
||||
expected: TIMEOUT
|
||||
[Multiple enforce require-trusted-types-for directives.]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
||||
[Multiple report-only require-trusted-types-for directives.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[One violated report-only require-trusted-types-for directive followed by multiple enforce directives]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[One violated enforce require-trusted-types-for directive followed by multiple report-only directives]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Mixing enforce and report-only require-trusted-types-for directives.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[directive "require-trusted-types-for 'script'%09'script'%0A'script'%0C'script'%0D'script'%20'script'" (required-ascii-whitespace)]
|
||||
expected: NOTRUN
|
||||
expected: TIMEOUT
|
||||
|
||||
[invalid directive "require-trusted-types-for 'script''script'" (no ascii-whitespace)]
|
||||
expected: NOTRUN
|
||||
|
|
@ -34,10 +34,10 @@
|
|||
expected: NOTRUN
|
||||
|
||||
[directive "require-trusted-types-for 'invalid'%09'script'" (required-ascii-whitespace)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[directive "require-trusted-types-for 'invalid'%0A%20'script'" (required-ascii-whitespace)]
|
||||
expected: NOTRUN
|
||||
expected: TIMEOUT
|
||||
|
||||
[directive "require-trusted-types-for 'invalid'%0C'script'" (required-ascii-whitespace)]
|
||||
expected: NOTRUN
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
[should-sink-type-mismatch-violation-be-blocked-by-csp-003.html]
|
||||
expected: TIMEOUT
|
||||
[Location of required-trusted-types-for violations.]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,73 +1,66 @@
|
|||
[should-trusted-type-policy-creation-be-blocked-by-csp-001.html]
|
||||
expected: TIMEOUT
|
||||
[single enforce policy with directive "trusted-type tt-policy-name"]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
||||
[single report-only policy with directive "trusted-type tt-policy-name"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[single enforce policy with directive "trusted-type *"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[single report-only policy with directive "trusted-type *"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[single enforce policy with directive "trusted-type 'none'"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[single report-only policy with directive "trusted-type 'none'"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[single enforce policy with directive "trusted-type 'allow-duplicates'"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[single report-only policy with directive "trusted-type 'allow-duplicates'"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[single enforce policy with directive "trusted-type tt-policy-name 'allow-duplicates'"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[single report-only policy with directive "trusted-type tt-policy-name 'allow-duplicates'"]
|
||||
expected: NOTRUN
|
||||
|
||||
[single enforce policy with directive "trusted-type * 'allow-duplicates'"]
|
||||
expected: NOTRUN
|
||||
|
||||
[single report-only policy with directive "trusted-type * 'allow-duplicates'"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[single enforce policy with directive "trusted-type 'none' 'allow-duplicates'"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[single report-only policy with directive "trusted-type 'none' 'allow-duplicates'"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[single enforce policy with directive "trusted-type 'none' tt-policy-name"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[single report-only policy with directive "trusted-type 'none' tt-policy-name"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[single enforce policy with directive "trusted-type 'none' *"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[single report-only policy with directive "trusted-type 'none' *"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[single enforce policy with directive "trusted-type tt-policy-name *"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[single report-only policy with directive "trusted-type tt-policy-name *"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[single enforce policy with directive "trusted-type tt-policy-name1 tt-policy-name2 tt-policy-name3"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[single report-only policy with directive "trusted-type tt-policy-name1 tt-policy-name2 tt-policy-name3"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Single enforce policy with directive "trusted-type none"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Single enforce policy with directive "trusted-type allow-duplicates"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,67 +1,28 @@
|
|||
[should-trusted-type-policy-creation-be-blocked-by-csp-002.html]
|
||||
expected: TIMEOUT
|
||||
[valid tt-policy-name name "1"]
|
||||
expected: TIMEOUT
|
||||
|
||||
[valid tt-policy-name name "abcdefghijklmnopqrstuvwxyz"]
|
||||
expected: NOTRUN
|
||||
|
||||
[valid tt-policy-name name "ABCDEFGHIJKLMNOPQRSTUVWXYZ"]
|
||||
expected: NOTRUN
|
||||
|
||||
[valid tt-policy-name name "0123456789"]
|
||||
expected: NOTRUN
|
||||
|
||||
[valid tt-policy-name name "policy-name"]
|
||||
expected: NOTRUN
|
||||
|
||||
[valid tt-policy-name name "policy=name"]
|
||||
expected: NOTRUN
|
||||
|
||||
[valid tt-policy-name name "policy_name"]
|
||||
expected: NOTRUN
|
||||
|
||||
[valid tt-policy-name name "policy/name"]
|
||||
expected: NOTRUN
|
||||
|
||||
[valid tt-policy-name name "policy@name"]
|
||||
expected: NOTRUN
|
||||
|
||||
[valid tt-policy-name name "policy.name"]
|
||||
expected: NOTRUN
|
||||
|
||||
[valid tt-policy-name name "policy%name"]
|
||||
expected: NOTRUN
|
||||
|
||||
[valid tt-policy-name name "policy#name"]
|
||||
expected: NOTRUN
|
||||
|
||||
[valid tt-policy-name name "6xY/2x=3Y..."]
|
||||
expected: NOTRUN
|
||||
|
||||
[invalid tt-policy-name name "policy name"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[invalid tt-policy-name name "policy*name"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[invalid tt-policy-name name "policy$name"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[invalid tt-policy-name name "policy?name"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[invalid tt-policy-name name "policy!name"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[directive "trusted-type _TTP1_%09_TTP2_%0C_TTP3_%0D_TTP4_%20_TTP5_" (required-ascii-whitespace)]
|
||||
expected: NOTRUN
|
||||
expected: TIMEOUT
|
||||
|
||||
[invalid directive "trusted-type _TTP" (no ascii whitespace)]
|
||||
expected: NOTRUN
|
||||
|
||||
[non-ASCII trusted-types directives are discarded ("política")]
|
||||
expected: NOTRUN
|
||||
expected: TIMEOUT
|
||||
|
||||
[directive "trusted-type _TTP1_%09_TTP2_%0A%20_TTP3_%0C_TTP4_%0D_TTP5_%20_TTP6_" (required-ascii-whitespace)]
|
||||
expected: NOTRUN
|
||||
|
|
|
|||
|
|
@ -1,19 +1,15 @@
|
|||
[should-trusted-type-policy-creation-be-blocked-by-csp-003.html]
|
||||
expected: TIMEOUT
|
||||
[Multiple non-violated enforce trusted-types directives.]
|
||||
expected: TIMEOUT
|
||||
|
||||
[Multiple report-only trusted-types directives.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[One violated report-only trusted-types directive followed by multiple enforce directives.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[One violated enforce trusted-types directive followed by multiple report-only directives.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Mixing enforce and report-only policies with trusted-types directives]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Mixing enforce and report-only policies with trusted-types directives (duplicate policy)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
[should-trusted-type-policy-creation-be-blocked-by-csp-005.html]
|
||||
expected: TIMEOUT
|
||||
[Location of trusted-types violations.]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,10 +1,9 @@
|
|||
[trusted-types-eval-reporting-no-unsafe-eval.html]
|
||||
expected: TIMEOUT
|
||||
[Trusted Type violation report: evaluating a string violates both script-src and trusted-types.]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
||||
[Trusted Type violation report: evaluating a Trusted Script violates script-src.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Trusted Type violation report: script-src restrictions apply after the default policy runs.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,10 +1,6 @@
|
|||
[trusted-types-eval-reporting-report-only.html]
|
||||
expected: TIMEOUT
|
||||
[Trusted Type violation report: evaluating a string.]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
||||
[Trusted Type violation report: evaluating a Trusted Script.]
|
||||
expected: NOTRUN
|
||||
|
||||
[Trusted Type violation report: default policy runs in report-only mode.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
[trusted-types-navigation.html]
|
||||
expected: TIMEOUT
|
||||
expected: CRASH
|
||||
[Navigate a window via anchor with javascript:-urls in enforcing mode.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
|
|||
|
|
@ -1,16 +1,15 @@
|
|||
[trusted-types-report-only.html]
|
||||
expected: TIMEOUT
|
||||
[Trusted Type violation report-only: assign string to script url]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
||||
[Trusted Type violation report-only: assign string to html]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Trusted Type violation report-only: assign string to script.src]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Trusted Type violation report-only: assign string to script content]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Trusted Type violation report: check report contents]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,37 +1,36 @@
|
|||
[trusted-types-reporting-clipping-of-sample.html]
|
||||
expected: TIMEOUT
|
||||
[Clipping of violation sample for createPolicy(AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA)]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
||||
[Clipping of violation sample for Element.innerHTML = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Clipping of violation sample for createPolicy(BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Clipping of violation sample for Element.innerHTML = "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Clipping of violation sample for createPolicy(CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Clipping of violation sample for Element.innerHTML = "CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Clipping of violation sample for createPolicy(ÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐ)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Clipping of violation sample for Element.innerHTML = "ÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐÐ"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Clipping of violation sample for createPolicy(ÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉ)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Clipping of violation sample for Element.innerHTML = "ÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉÉ"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Clipping of violation sample for createPolicy(℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Clipping of violation sample for Element.innerHTML = "℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉℉"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,25 +1,24 @@
|
|||
[trusted-types-reporting-clipping-of-sample.tentative.html]
|
||||
expected: TIMEOUT
|
||||
[Clipping of violation sample for createPolicy(𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆)]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
||||
[Clipping of violation sample for Element.innerHTML = "𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Clipping of violation sample for createPolicy(H𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Clipping of violation sample for Element.innerHTML = "H𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇𝐇"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Clipping of violation sample for createPolicy(𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈I)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Clipping of violation sample for Element.innerHTML = "𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈𝐈I"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Clipping of violation sample for createPolicy(𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Clipping of violation sample for Element.innerHTML = "𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉𝐉"]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,7 +1,3 @@
|
|||
[trusted-types-reporting-for-DOMParser-parseFromString.html]
|
||||
expected: TIMEOUT
|
||||
[No violation reported for TrustedHTML.]
|
||||
expected: TIMEOUT
|
||||
|
||||
[Violation report for plain string.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,10 +1,9 @@
|
|||
[trusted-types-reporting-for-Document-execCommand.html]
|
||||
expected: TIMEOUT
|
||||
[No violation reported for TrustedHTML.]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
||||
[No violation reported (paste command).]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Violation report for plain string (insertHTML command).]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
[trusted-types-reporting-for-Document-parseHTMLUnsafe.html]
|
||||
expected: TIMEOUT
|
||||
[No violation reported for TrustedHTML.]
|
||||
expected: TIMEOUT
|
||||
expected: FAIL
|
||||
|
||||
[Violation report for plain string.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,13 +1,6 @@
|
|||
[trusted-types-reporting-for-Document-write.html]
|
||||
expected: TIMEOUT
|
||||
[No violation reported for write() with TrustedHTML arguments.]
|
||||
expected: TIMEOUT
|
||||
|
||||
[Violation report for plain string for write() with at least one plain string argument.]
|
||||
expected: NOTRUN
|
||||
|
||||
[No violation reported for writeln() with TrustedHTML arguments.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Violation report for plain string for writeln() with at least one plain string argument.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,7 +1,3 @@
|
|||
[trusted-types-reporting-for-Element-innerHTML.html]
|
||||
expected: TIMEOUT
|
||||
[No violation reported for TrustedHTML.]
|
||||
expected: TIMEOUT
|
||||
|
||||
[Violation report for plain string.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,7 +1,3 @@
|
|||
[trusted-types-reporting-for-Element-insertAdjacentHTML.html]
|
||||
expected: TIMEOUT
|
||||
[No violation reported for TrustedHTML.]
|
||||
expected: TIMEOUT
|
||||
|
||||
[Violation report for plain string.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,7 +1,3 @@
|
|||
[trusted-types-reporting-for-Element-outerHTML.html]
|
||||
expected: TIMEOUT
|
||||
[No violation reported for TrustedHTML.]
|
||||
expected: TIMEOUT
|
||||
|
||||
[Violation report for plain string.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,31 +1,27 @@
|
|||
[trusted-types-reporting-for-Element-setAttribute.html]
|
||||
expected: TIMEOUT
|
||||
[No violation reported for trusted types.]
|
||||
expected: TIMEOUT
|
||||
|
||||
[Violation report for HTMLIFrameElement.setAttribute('srcdoc', plain_string)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Violation report for HTMLIFrameElement.setAttributeNS(null, 'srcdoc', plain_string)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Violation report for Element.setAttribute('onclick', plain_string)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Violation report for Element.setAttributeNS(null, 'onclick', plain_string)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Violation report for HTMLScriptElement.setAttribute('src', plain_string)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Violation report for HTMLScriptElement.setAttributeNS(null, 'src', plain_string)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Violation report for SVGScriptElement.setAttribute('href', plain_string)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Violation report for SVGScriptElement.setAttributeNS(null, 'href', plain_string)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Violation report for SVGScriptElement.setAttributeNS(http://www.w3.org/1999/xlink, 'href', plain_string)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,7 +1,3 @@
|
|||
[trusted-types-reporting-for-Element-setHTMLUnsafe.html]
|
||||
expected: TIMEOUT
|
||||
[No violation reported for TrustedHTML.]
|
||||
expected: TIMEOUT
|
||||
|
||||
[Violation report for plain string.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,7 +1,3 @@
|
|||
[trusted-types-reporting-for-HTMLIFrameElement-srcdoc.html]
|
||||
expected: TIMEOUT
|
||||
[No violation reported for TrustedHTML.]
|
||||
expected: TIMEOUT
|
||||
|
||||
[Violation report for plain string.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,7 +1,3 @@
|
|||
[trusted-types-reporting-for-HTMLScriptElement-innerHTML.html]
|
||||
expected: TIMEOUT
|
||||
[No violation reported for TrustedHTML.]
|
||||
expected: TIMEOUT
|
||||
|
||||
[Violation report for plain string.]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
|
|
@ -1,25 +1,12 @@
|
|||
[trusted-types-reporting-for-HTMLScriptElement.html]
|
||||
expected: TIMEOUT
|
||||
[No violation reported for trusted input (innerText).]
|
||||
expected: TIMEOUT
|
||||
|
||||
[Violation report for plain string (innerText)]
|
||||
expected: NOTRUN
|
||||
|
||||
[No violation reported for trusted input (textContent).]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Violation report for plain string (textContent)]
|
||||
expected: NOTRUN
|
||||
|
||||
[No violation reported for trusted input (src).]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Violation report for plain string (src)]
|
||||
expected: NOTRUN
|
||||
|
||||
[No violation reported for trusted input (text).]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
||||
[Violation report for plain string (text)]
|
||||
expected: NOTRUN
|
||||
expected: FAIL
|
||||
|
|
|
|||
Some files were not shown because too many files have changed in this diff Show more
Loading…
Add table
Add a link
Reference in a new issue